SSH to device over hotspot (AP mode) does not always work, and other issues

On a fresh OpenWrt install on my device I will attempt to SSH over the device's hotspot:

$ ssh -v root@192.168.1.1
OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /home/{ME}/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.1.1 [192.168.1.1] port 22.

This will just hang forever. Sometimes I get a "Network is unreachable" error. I can try this again after resetting the device and sometimes I will be able to SSH into the device.

This seems to coincide with LuCI. I cannot access 192.168.1.1 in a web browser when I cannot SSH into the device, but I can access the web interface when I can SSH into the device. The only thing I can do is keep resetting until it works.

I also have a second problem that's related. With Ethernet connected from the device to my local network, I cannot ping google.com but I can ping 8.8.8.8 from the device. With a serial connection to the device, I can run wifi up and sometimes this will fix the issue and I can ping google.com. However after wifi up, I cannot SSH into the device over the device's hotspot. This is a major issue as I'm trying to cut any dependency of the serial connection when setting up a new device. That is, I'd like to just work with the device via SSH tunnel.

So my goal is to:

1. Reliably SSH into the device over the device's hotspot
2. ping google.com (with device connected to local network via ethernet)

Edit: I have not made changes to /etc/config/network or /etc/config/wireless.
/etc/config/network

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix '{PREFIX}'

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option ipaddr '192.168.1.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config device 'lan_dev'
        option name 'eth0'
        option macaddr '{MAC}'

config switch
        option name 'switch0'
        option reset '1'
        option enable_vlan '0'

config interface 'wan'
        option ifname 'eth0'
        option proto 'dhcp'

/etc/config/wireless:

config wifi-device 'radio0'
        option type 'mac80211'
        option channel 'auto'
        option hwmode '11g'
        option path 'platform/10300000.wmac'
        option htmode 'HT20'
        option disabled '0'

config wifi-iface 'ap_radio0'
        option device 'radio0'
        option network 'lan'
        option mode 'ap'
        option ssid '{NAME}'
        option encryption 'none'

Does your wan IP conflict with the lan?

What model is the device? You've disabled the Ethernet switch ( if it has one) so all the switch ports will be wan. Usually that is not what you want.

I think you're right and it does conflict. I changed the lan IP address to 192.168.2.1 and ran /etc/init.d/network restart and I can now ping google.com during an SSH session with the device. It also seems to allow me to SSH into the device via its hotspot.

I guess the issue I have now is that we have many of these devices with default lan IP 192.168.1.1, and there is no easy way to change this. We have to keep resetting the device every time we can't SSH to 192.168.1.1 until we get lucky. Once we have access we can change the IP address.

If we compile new firmware, is there a way to have /etc/config/network default to lan IP 192.168.2.1?

It's not a problem having lan at 192.168.1.1 unless and until the wan is connected.

Yes you can store a files/etc/config/network file with custom settings under the build root (or Image Builder root) and that file will be included in the image and be used when it boots.

It's not a problem having lan at 192.168.1.1 unless and until the wan is connected.

Odd, I still have issues establishing an SSH connection to the device (network unreachable) when the Ethernet is disconnected, but these issues disappear after changing the IP. I'm probably missing or misunderstanding something important (Sorry, I'm very much not familiar with networking).

Edit -

I've built a new firmware image that defaults the lan IP to 192.168.2.1. From my serial connection I can see ping google.com works fine. However I still cannot SSH to 192.168.2.1 until many resets. I might have been mistaken earlier and gotten 'lucky' in being able to SSH.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.